The MAILING DATE of this communication appears on the cover sheet with the correspondence address
Period for Reply 

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1.136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely.

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 

- Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any
earned patent term adjustment. See 37 CFR 1.704(b).

Status 

1) [X] Responsive to communication(s) filed on 08 February 2000.
2a) [ ] This action is FINAL. 2b) [X] This action is non-final.

3) [ ] Since this application is in condition for allowance except for formal matters, prosecution as to the merits is
closed in accordance with the practice under Ex parte Quayle, 1935 C.D. 11, 453 O.G. 213.

Disposition of Claims

4) [X] Claim(s) 1-27 is/are pending in the application.

4a) Of the above claim(s) is/are withdrawn from consideration.

5) [ ] Claim(s) is/are allowed.

6) [X] Claim(s) 7-27 is/are rejected.

7) [ ] Claim(s) is/are objected to.

8) [ ] Claim(s) are subject to restriction and/or election requirement.

Application Papers 

9) [ ] The specification is objected to by the Examiner.

10) [ ] The drawing(s) filed on 26 March 2001 is/are: a) [X] accepted or b) [ ] objected to by the Examiner.

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1.85(a).

11) [ ] The proposed drawing correction filed on is: a) [ ] approved b) [ ] disapproved by the Examiner.

If approved, corrected drawings are required in reply to this Office action.

12) [ ] The oath or declaration is objected to by the Examiner.

Priority under 35 U.S.C. §§ 119 and 120

13) [ ] Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 119(a)-(d) or (f).

a) [ ] All b) [ ] Some* c) [ ] None of:

1. [ ] Certified copies of the priority documents have been received.

2. [ ] Certified copies of the priority documents have been received in Application No. .

3. [ ] Copies of the certified copies of the priority documents have been received in this National Stage
application from the International Bureau (PCT Rule 17.2(a)).

* See the attached detailed Office action for a list of the certified copies not received.

14) [ ] Acknowledgment is made of a claim for domestic priority under 35 U.S.C. § 119(e) (to a provisional application).

a) [ ] The translation of the foreign language provisional application has been received.

15) [ ] Acknowledgment is made of a claim for domestic priority under 35 U.S.C. §§ 120 and/or 121.

1) [X] Notice of References Cited (PTO-892) 4) [ ] Interview Summary (PTO-413) Paper No(s).

2) CH Notice of Draftsperson's Patent Drawing Review (PTO-948) 5) 0 Notice of Informal Patent Application (PTO-152)

3) [ ] Information Disclosure Statement(s) (PTO-1449) Paper No(s). 6) [ ] Other:

DETAILED ACTION

1. Claims 1-27 are pending.

Claim Rejections - 35 USC § 103 

2. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all
obviousness rejections set forth in this Office action:

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

3. Claims 1-3, 5-10, 12-18, 20-23, 27 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Shostack, Smith, and Yemini. 

In reference to claim 1: 

(Shostack, Page 4, lines 1-10) discloses 

A method for assessing the security posture of a network comprising the steps of: 

• Exporting only the required data from the system database representing the 
network to each respective network vulnerability analysis program 

• Analyzing the network with each network vulnerability analysis program to 
produce data results from each program; 

• Storing the data results from respective network vulnerability analysis programs 
and the common system model database within a data fact base; 

Shostack fails to explicitly disclose the use of an object model database and decision
logic that uses fuzzy logic rules.

Smith (column 4, lines 26-48) discloses a method comprising:

• Applying goal oriented fuzzy logic decision rules to the data fact base to
determine the security posture of the network, where fuzzy logic rules are applied
to a database of information.

The use of fuzzy logic to analyze information is a well-known method in the art, as
disclosed in the background art of Smith (column 3, lines 30-33):

"Fuzzy logic... provides a robust mathematical framework for dealing with "real-world"
imprecision and nonstatistical uncertainty."

And (column 3 lines 38-44) 

"Fuzzy rule-based systems have proven effective in a number of application areas such 
as intelligent control and decision support, especially where a system is difficult to 
characterize and has strict implementation constraints." 

The applicant describes the object model database as such: 
"This model uses object oriented (OO) methodology to provide an extensible set of
components in a class hierarchy that can be combined to represent a network. The
class hierarchy provides a means of defining components with shared common traits,
retaining the specifics that distinguished it from other components. In addition to an
implicit hierarchical relationship, object oriented techniques provide a containment
mechanism in which an object can contain a reference to any object, including itself. 
This provides a flexible mechanism for representing any physical or logical entity. Also, 
object oriented representation lends itself to ready modification and extension and is 
ideal for an information assurance arena where changes and new technologies arise 
daily" (Specification, page 13 line 32 - page 14 line 10) 

The examiner takes official notice that an object model database, in the spirit of which it 
is defined by the applicant, is well known in the art as disclosed by Yemini (column 2, 
lines 8-12). Yemini specifically discloses that representing knowledge about a system 
to be monitored such as a network topology may be stored in a hierarchical relational or 
object oriented database. 

It would have been obvious to one of ordinary skill in the art at the time of invention to 
apply Smith's fuzzy logic analysis to Shostack's security mechanism with an object 
model database implementation, given the advantages of fuzzy logic analysis being 
equipped to handle uncertainty and imprecision, and given the advantage of object 
oriented databases being able to handle frequent modification and extension. 



In reference to claim 2: 
The examiner notes that the applicant (spec page 14, lines 20-23) discloses a filter as the
following:

"NVT views each tool as a filter, calling the appropriate method within the filter to
perform the desired task, including initializing, running, importing data, and exporting
data."

Shostack (page 4 line 1-line 10) discloses a method comprising the step of exporting
only the required data from the system object model database via filters associated with 
respective network vulnerability programs, where the filters are the modules that each 
perform a different task as part of an overall integrated system. 

In reference to claim 3: 

Shostack (page 4 line 1-line 10) discloses an integrated system of programs for
assessing vulnerabilities, with each program assessing a different aspect of the 
network. 

In reference to claim 5: 

Though Shostack does not explicitly state that the network analysis programs are 
created through OOP, it would have been obvious to one of ordinary skill in the art at 
the time of invention to use object oriented programming in the design of the analysis 
programs given the advantage of sharing common data and separating source code 
into hierarchies, and its prevalence as the primary programming paradigm in the
software community.

Claims 7, 14, 22 are rejected for the same reason as claim 1.

In reference to claim 8:

Smith (column 3 lines 54-58) discloses the use of fuzzy logic based on evidential
reasoning.

Claims 9, 10 are rejected for the same reasons as claims 2, 3 respectively.

Claim 12 is rejected for the same reason as claim 5.

Claims 15, 16, 23 are rejected for the same reasons as claim 8.

Claims 17, 18 are rejected for the same reasons as claims 2, 3 respectively.

Claim 20 is rejected for the same reasons as claim 5.

Claim 27 is rejected for the same reason as claim 5.



4. Claims 4, 11, 19, 24-26 are rejected under 35 U.S.C. 103(a) as being
unpatentable over Shostack, Smith, Yemini, and Richardson.

In reference to claim 4:

Richardson (figures 2-6) discloses a program encompassing a method in which the
network is modeled as a map on a graphical user interface. It would have been obvious
to one of ordinary skill in the art at the time of invention to apply Richardson's graphical
user interface and model the network as a map in a GUI to allow the user to view the
network, conveniently navigate the software, and configure it.

Claims 11, 19, 25 are rejected for the same reason as claim 4.

In reference to claim 26: 

Richardson (column 1, line 62 - column 2 line 16) discloses a data processing system
further comprising a graphical user interface for displaying the security
posture of the network. Richardson's GUI denotes the status of particular events based
on their severity, allowing the entire status of the network to be inspected by a user
looking at the color indications.

Conclusion 

5. Any inquiry concerning this communication or earlier communications from the
examiner should be directed to Thomas M Ho whose telephone number is
(703)305-8029. The examiner can normally be reached on M-F from 8:30am - 5:00pm.

If attempts to reach the examiner by telephone are unsuccessful, the examiner's
supervisor, Gregory A. Morse can be reached at (703)308-4789. The fax phone
numbers for the organization where this application or proceeding is assigned are
(703)746-7239 for regular communications and (703)746-7238 for After Final
communications.

Any inquiry of a general nature or relating to the status of this application or
proceeding should be directed to the receptionist whose telephone number is
(703)306-5484.

TMH

October 7th, 2003